Jwt vs JwtAuthenticationToken

🔐 `Jwt` vs `JwtAuthenticationToken` — What's the Relationship?

Think of it like this:

1. `Jwt` is the raw token.

It's just a data object that holds everything inside the token — like:

sub (subject, usually the user ID),
email, roles, iat (issued at), etc.
Header + claims + signature (already decoded when you have a Jwt).

🧠 Analogy: This is like the contents of someone's ID card.


Jwt jwt = Jwt.withTokenValue("mock-token")
             .claim("sub", "123")
             .claim("email", "[email protected]")
             .build();

2. `JwtAuthenticationToken` is a Spring Security wrapper.

Spring uses it to:

Represent the authenticated user inside the system (Authentication object).
Store the Jwt and extract important parts (like authorities, name).
Provide things like:
- .getAuthorities() → roles
- .getPrincipal() → the actual Jwt
- .getName() → usually the subject claim (e.g. user ID)

🧠 Analogy: This is the user login session, built from the ID card.


JwtAuthenticationToken auth = new JwtAuthenticationToken(jwt, authorities);

Now you can access things like:


auth.getPrincipal(); // the Jwt object
auth.getName();      // the "sub" claim (like user ID)
auth.getAuthorities(); // converted roles

🔐 Jwt vs JwtAuthenticationToken — What's the Relationship?

1. Jwt is the raw token.

2. JwtAuthenticationToken is a Spring Security wrapper.

🔐 `Jwt` vs `JwtAuthenticationToken` — What's the Relationship?

1. `Jwt` is the raw token.

2. `JwtAuthenticationToken` is a Spring Security wrapper.